def kcdsaprime(pbits, qbits, rng = rand,
event = pgen_nullev, name = 'p', nsteps = 0):
- hbits = pbits - qbits
- h = pgen(rng.mp(hbits, 1), name + ' [h]',
- PrimeGenStepper(2), PrimeGenTester(),
- event, nsteps, RabinMiller.iters(hbits))
- q = pgen(rng.mp(qbits, 1), name, SimulStepper(2 * h, 1, 2),
- SimulTester(2 * h, 1), event, nsteps, RabinMiller.iters(qbits))
- p = 2 * q * h + 1
- return p, q, h
+ hbits = pbits - qbits - 1
+ while True:
+ h = pgen(rng.mp(hbits, 1), name + ' [h]',
+ PrimeGenStepper(2), PrimeGenTester(),
+ event, nsteps, RabinMiller.iters(hbits))
+ while True:
+ q0 = rng.mp(qbits, 1)
+ p0 = 2*q0*h + 1
+ if p0.nbits == pbits: break
+ q = pgen(q0, name, SimulStepper(2*h, 1, 2),
+ SimulTester(2 * h, 1), event, nsteps, RabinMiller.iters(qbits))
+ p = 2*q*h + 1
+ if q.nbits == qbits and p.nbits == pbits: return p, q, h
+ elif nsteps: raise ValueError("prime generation failed")
#----- That's all, folks ----------------------------------------------------
me.assertEqual(p, 2*q*h + 1)
me.assertTrue(p.primep())
me.assertEqual(p.nbits, 512)
- me.assertEqual(ev.events, "[p [h]:F17/P6/D][p:F60/P26/D]")
+ me.assertEqual(ev.events, "[p [h]:F53/P6/D][p:F32/P26/D]")
###--------------------------------------------------------------------------
class TestPrimeIter (U.TestCase):
~mdw / catacomb-python / commitdiff